Exception, Anomaly, and Threat Detection
In addition to point cyber security defenses, behavioral- and anomaly-based threat detection is possible. Learn how to use your knowledge of the process control system and established behavioral baselines to identify potential threats.
Information in this Chapter
• Exception Reporting
• Behavioral Anomaly Detection
• Behavioral Whitelisting
• Threat Detection
Clear policies about what communications are allowed and what are not have already been obtained by defining zones. The operation within each zone should also be well defined and relatively predictable. This supports two important types of behavioral analysis: ...